Why Push Docker Images to Pivotal Web Services? Because the Platform Gives You So Many Benefits.

Pivotal Web Services (PWS) is a public version of Pivotal Cloud Foundry. When you push your code - and now, when you push a Docker image - the platform does so much for you, including:

Load balancing and DNS

Application performance monitoring

Logging and auditing

Starting your application in a healthy state with the desired number of instances

Scaling is a breeze; it’s as simple as cf scale. And you gain automated app recovery with four built-in 4 layers of high availability. This quick video shows how easy it is to get your Docker images running on PWS:

PWS: A Secure Place to Run Your Docker Images

Developers and IT ops teams love Docker. It simplifies common workflows, and solves the “works on my machine” issue elegantly. But for IT security teams, it’s a different story. Why? With hand-built containers, the individual developer must manage dependencies and ensure everything stays patched and secure. That’s a tough sell at scale, no matter how vigilant your software engineers claim to be.

Here’s the good news: Pivotal has built our software with security-conscious developers and InfoSec teams in mind. We’ve been at the forefront of container security since Cloud Foundry’s inception in 2011. Our engineers brought features like AppArmor, Seccomp, and unprivileged containers to Cloud Foundry.

The underlying container tech has matured to the point where you can now run Docker images in a multitenant environment like PWS. Of course, you should still follow best practices for patching! Using a trusted registry would help too, PWS supports this option.

The next frontier for container security tech in Cloud Foundry is rootless containers. Our own Ed King wrote up a brilliant summary of this effort. And check out his talk at Kubecon on the same topic:

Startups and enterprises alike are writing more software than ever. That software is often going to be best packaged with platform-built containers. This workflow is the classic Cloud Foundry buildpack model. Push your code, and the platform will build your container for you. This option suits high-velocity development teams well. (It also helps InfoSec teams sleep easier at night. It’s easy to audit the apps running on the platform, and it’s far easier to quickly patch software when a CVE is uncovered.)

You’re going to have plenty of developer-built containers as well. Use Kubernetes and Pivotal Container Service for these workloads. Docker image support in PCF and PWS are worth a look too.

Either way, you need a secure, highly automated way to run all your apps and containers at scale. And that’s exactly what Pivotal gives you.